X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fbn%2Fbn_ctx.c;h=f48055b268b9761ced40a9e8e274df64ef5adcc6;hp=7daf19eb8436cf42bfec2aaba2a1866353b642b0;hb=9e051bac139ce07f846d88b90f3ec514c39ea416;hpb=c62b26fdc6bb176541ec56498090ff6f2ad4a885

diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 7daf19eb84..f48055b268 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -54,9 +54,10 @@
  *
  */
 
-#ifndef BN_CTX_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
+#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG)
+#ifndef NDEBUG
+#define NDEBUG
+#endif
 #endif
 
 #include <stdio.h>
@@ -65,6 +66,37 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
+/* BN_CTX structure details */
+#define BN_CTX_NUM	32
+#define BN_CTX_NUM_POS	12
+struct bignum_ctx
+	{
+	int tos;
+	BIGNUM bn[BN_CTX_NUM];
+	int flags;
+	int depth;
+	int pos[BN_CTX_NUM_POS];
+	int too_many;
+	};
+
+#ifndef OPENSSL_NO_DEPRECATED
+void BN_CTX_init(BN_CTX *ctx)
+#else
+static void BN_CTX_init(BN_CTX *ctx)
+#endif
+	{
+#if 0 /* explicit version */
+	int i;
+	ctx->tos = 0;
+	ctx->flags = 0;
+	ctx->depth = 0;
+	ctx->too_many = 0;
+	for (i = 0; i < BN_CTX_NUM; i++)
+		BN_init(&(ctx->bn[i]));
+#else
+	memset(ctx, 0, sizeof *ctx);
+#endif
+	}
 
 BN_CTX *BN_CTX_new(void)
 	{
@@ -82,21 +114,6 @@ BN_CTX *BN_CTX_new(void)
 	return(ret);
 	}
 
-void BN_CTX_init(BN_CTX *ctx)
-	{
-#if 0 /* explicit version */
-	int i;
-	ctx->tos = 0;
-	ctx->flags = 0;
-	ctx->depth = 0;
-	ctx->too_many = 0;
-	for (i = 0; i < BN_CTX_NUM; i++)
-		BN_init(&(ctx->bn[i]));
-#else
-	memset(ctx, 0, sizeof *ctx);
-#endif
-	}
-
 void BN_CTX_free(BN_CTX *ctx)
 	{
 	int i;
@@ -104,8 +121,11 @@ void BN_CTX_free(BN_CTX *ctx)
 	if (ctx == NULL) return;
 	assert(ctx->depth == 0);
 
-	for (i=0; i < BN_CTX_NUM; i++)
-		BN_clear_free(&(ctx->bn[i]));
+	for (i=0; i < BN_CTX_NUM; i++) {
+		bn_check_top(&(ctx->bn[i]));
+		if (ctx->bn[i].d)
+			BN_clear_free(&(ctx->bn[i]));
+	}
 	if (ctx->flags & BN_FLG_MALLOCED)
 		OPENSSL_free(ctx);
 	}
@@ -120,6 +140,7 @@ void BN_CTX_start(BN_CTX *ctx)
 
 BIGNUM *BN_CTX_get(BN_CTX *ctx)
 	{
+	BIGNUM *ret;
 	/* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically,
 	 * make sure that if BN_CTX_get fails once it will return NULL again
 	 * until BN_CTX_end is called.  (This is so that callers have to check
@@ -135,7 +156,10 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx)
 			}
 		return NULL;
 		}
-	return (&(ctx->bn[ctx->tos++]));
+	ret = ctx->bn + (ctx->tos++);
+	/* always return a 'zeroed' bignum */
+	BN_zero(ret);
+	return ret;
 	}
 
 void BN_CTX_end(BN_CTX *ctx)
@@ -151,5 +175,10 @@ void BN_CTX_end(BN_CTX *ctx)
 	ctx->too_many = 0;
 	ctx->depth--;
 	if (ctx->depth < BN_CTX_NUM_POS)
+#ifndef BN_DEBUG
 		ctx->tos = ctx->pos[ctx->depth];
+#else
+		while(ctx->tos > ctx->pos[ctx->depth])
+			bn_check_top(&ctx->bn[--(ctx->tos)]);
+#endif
 	}